<?php

namespace app\controllers;

use Yii;
use yii\web\Controller;
use yii\web\NotFoundHttpException;

class UserController extends Controller
{
	public function beforeAction($action)
	{
		if(!(isset($_SESSION['cms_userid']) && $_SESSION['cms_userid'] != null))
		{
			return $this->redirect(['admin/login']);
		}
		if($_SESSION['cms_usertype'] != 4)
		{
			throw new NotFoundHttpException("没有权限");
			
		}
		return true;
	}

	public function actionIndex()
	{
		$connection = Yii::$app->db;
		$sql = "SELECT * FROM tbl_user u LEFT JOIN (SELECT userid , group_concat(tbl_group.name separator '，') as groups FROM tbl_user_group LEFT JOIN tbl_group ON tbl_user_group.groupid = tbl_group.id GROUP BY tbl_user_group.userid) g ON u.id = g.userid";
		$query = $connection->createCommand($sql)->queryAll();
		
		return $this->render("index",['users' => $query]);
	}

	public function actionCreate()
	{
		$connection = Yii::$app->db;
		$sql = "SELECT * FROM tbl_group";
		$query = $connection->createCommand($sql)->queryAll();
		return $this->render("createuser",['groups' => $query]);
	}

	/*
	* 添加用户
	*/
	public function actionUseradd()
	{
		//var_dump($_POST);
		$connection = Yii::$app->db;
		$username = $_POST['username'];
		$query = $connection->createCommand("SELECT id FROM tbl_user WHERE username='$username'")->queryOne();
		if($query){
			throw new NotFoundHttpException("用户名已存在");
		}
		$password = strtolower(md5($_POST['password']));
		$sex = $_POST['sex'];
		$company = $_POST['company'];
		$department = $_POST['department'];
		$job = $_POST['job'];
		$email = $_POST['email'];
		$cellphone = $_POST['cellphone'];
		$truename = $_POST['truename'];
		$type = $_POST['type'];
		$groups = $_POST['groups'];

		$sql = "INSERT INTO tbl_user(username,password,usertype,sex,truename,company,department,job,email,cellphone) VALUES('$username','$password',$type,'$sex','$truename','$company','$department','$job','$email','$cellphone')";
		$status = $connection->createCommand($sql)->execute();
		if($status){
			if($groups != "")
			{
				$id = $connection->createCommand("SELECT last_insert_id() as id")->queryOne();
				$id = $id['id'];

				$groups = explode(',', $groups);
				foreach ($groups as $group) {
					$connection->createCommand("INSERT INTO tbl_user_group(userid,groupid) VALUES($id,$group)")->execute();
				}
			}
			return $this->redirect(['index']);
		}
		else
		{
			throw new NotFoundHttpException("添加用户失败");
		}
	}

	/*
	* 检查用户名是否存在
	*/
	public function actionUsercheck()
	{
		$username = $_GET['username'];
		$connection = Yii::$app->db;
		$query = $connection->createCommand("SELECT id FROM tbl_user WHERE username='$username'")->queryOne();

		if($query){
			return 0;
		}
		else
		{
			return 1;
		}
	}

	public function actionUpdate()
	{
		$id = $_GET['id'];
		$connection = Yii::$app->db;
		$query = $connection->createCommand("SELECT * FROM tbl_user WHERE id=$id")->queryOne();

		if($query){
			$groups = $connection->createCommand("SELECT g.id as id ,g.name as name ,ug.userid as userid FROM tbl_group g LEFT JOIN (SELECT userid,groupid FROM tbl_user_group WHERE userid=$id) ug ON g.id=ug.groupid")->queryAll();

			return $this->render("userupdate",['userinfo' => $query , 'groups' => $groups]);
		}
		else{
			throw new NotFoundHttpException("用户不存在");
		}
			
	}

	/*
	* 修改用户
	*/
	public function actionUsermodify()
	{
		//var_dump($_POST);
		//var_dump(trim($_POST['password']));

		$connection = Yii::$app->db;
		$id = $_POST['id'];
		$password = trim($_POST['password']);
		$sex = $_POST['sex'];
		$company = $_POST['company'];
		$department = $_POST['department'];
		$job = $_POST['job'];
		$email = $_POST['email'];
		$cellphone = $_POST['cellphone'];
		$truename = $_POST['truename'];
		$type = $_POST['type'];
		$groups = $_POST['groups'];

		if($password == '')
			$sql = "UPDATE tbl_user SET usertype = $type,sex = '$sex',truename = '$truename',company = '$company',department = '$department',job ='$job',email = '$email',cellphone ='$cellphone' WHERE id = $id";
		else
			$sql = "UPDATE tbl_user SET password = '".strtolower(md5(trim($password)))."', usertype = $type,sex = '$sex',truename = '$truename',company = '$company',department = '$department',job ='$job',email = '$email',cellphone ='$cellphone' WHERE id = $id";
		
		$connection->createCommand($sql)->execute();
		if($groups != ""){
			
			$groups = explode(',', $groups);
			if(count($groups) > 0)
				$connection->createCommand("DELETE FROM tbl_user_group WHERE userid = $id")->execute();
			
			foreach ($groups as $group) {
				$connection->createCommand("INSERT INTO tbl_user_group(userid,groupid) VALUES($id,$group)")->execute();
			}

			return $this->redirect(['index']);
		}

	}

	/*
	* 删除用户
	*/
	public function actionDelete()
	{
		$id = $_POST['id'];
		$connection = Yii::$app->db;
		$connection->createCommand("DELETE FROM tbl_user WHERE id = $id")->execute();
		$connection->createCommand("DELETE FROM tbl_user_group WHERE userid = $id")->execute();
	}

	/*
	* 会员组管理
	*/
	public function actionGroup()
	{
		$connection = Yii::$app->db;
		$sql = "SELECT * FROM tbl_group";
		$query = $connection->createCommand($sql)->queryAll();
		return $this->render('group',['groups' => $query]);
	}

	public function actionGroupcreate()
	{
		return $this->render("groupcreate",['type' => 'new']);
	}

	public function actionGroupupdate()
	{
		$id = $_GET['id'];
		$connection = Yii::$app->db;
		$sql = "SELECT * FROM tbl_group WHERE id=$id";
		$query = $connection->createCommand($sql)->queryOne();
		return $this->render("groupcreate",['type' => 'modify' , 'group'=>$query]);
	}

	public function actionGroupadd()
	{
		$name = $_POST['name'];
		$connection = Yii::$app->db;

		if(isset($_POST['id'])){
			$id = $_POST['id'];
			$connection->createCommand("UPDATE tbl_group SET name= '$name' WHERE id = $id")->execute();
		}
		else
		{
			$connection->createCommand("INSERT INTO tbl_group(name) VALUES('$name')")->execute();
		}
		

		return $this->redirect(['group']);
	}

	public function actionGroupdelete()
	{
		$id = $_POST['id'];
		$connection = Yii::$app->db;
		$connection->createCommand("DELETE FROM tbl_group WHERE id = $id")->execute();
		$connection->createCommand("DELETE FROM tbl_user_group WHERE groupid = $id")->execute();
	}
}